An attack signature model to computer security intrusion detection

Actas de congresos

Fecha

2002-12-01

Registro en:

Proceedings - IEEE Military Communications Conference MILCOM, v. 2, p. 1368-1373.

http://hdl.handle.net/11449/67059

10.1109/MILCOM.2002.1179680

WOS:000180880500250

2-s2.0-0037004539

0095921943345974

0000-0003-4494-1454

Autor

Universidade Estadual Paulista (Unesp)

Institución

Universidade Estadual Paulista (Brasil)

Resumen

Internal and external computer network attacks or security threats occur according to standards and follow a set of subsequent steps, allowing to establish profiles or patterns. This well-known behavior is the basis of signature analysis intrusion detection systems. This work presents a new attack signature model to be applied on network-based intrusion detection systems engines. The AISF (ACME! Intrusion Signature Format) model is built upon XML technology and works on intrusion signatures handling and analysis, from storage to manipulation. Using this new model, the process of storing and analyzing information about intrusion signatures for further use by an IDS become a less difficult and standardized process.

Materias

Computer networks

Electronic document identification systems

Information analysis

Security of data

XML

Attack signature model

Intrusion detection system

Intrusion signature format

Military communications

Mostrar el registro completo del ítem